Anyway, I need IPv6 support. I'm going to refine this patch and use. If the
community people are interested I'll share it.
Regards,
Bala.
On Wed, Apr 10, 2013 at 5:02 PM, Michael Tuexen <tue...@fh-muenster.de>wrote:
> On Apr 10, 2013, at 1:19 PM, Balakumaran Kannan wrote:
>
> >
> > On Tue, Apr 9, 2013 at 10:13 PM, Mike Frysinger via RT <r...@openssl.org>
> wrote:
> > i've improved the original patch to make the -4/-6 behavior consistent
> across
> > the tools. i also tweaked the behavior slightly to make it run correctly
> > (imo).
> > -mike
> >
> >
> > I tried your patch it works well. Thank you very much for this work.
> >
> > I thought of doing some changes in the patch.
> >
> > 1. Leaving openssl binary as it is.
> > Run openssl in IPv4 mode if not specified explicitly.
> > If IPv6 support is needed, user should use '-6' option.
> >
> > 2. Use IPv6 hosts inside square brackets ( [] )
> > As IPv6 addresses use ':' as a separator for its segments we could
> not use it as separator for host and port. So if user forgets to enter port
> with '-connect' option, the last segment of IPv6 address will be taken as
> port. This is not desired.
> > So it will be better to use square brackets( [] ) to surround IPv6
> hosts.
> >
> > I made an incremental patch after applying your patch to openssl-1.0.1e.
> Please let me know your idea over this.
> >
> > And still I'm working on this patch to verify its functionality. So
> please let me know if you modify anything regards this.
> >
> > Thank you.
> The main point is whether the OpenSSL maintainers are interested in IPv6
> support or not.
> If they are, the patch can be optimized in whatever way they want. I they
> are not, the
> patch goes nowhere, so optimizing it doesn't make much sense...
>
> Best regards
> Michael
> >
> > Regards,
> > Bala
> >
> > ---
> > diff -x '*.out' -x '*tags' -x '*.pem' -x '*.0' -ur
> openssl-1.0.1e.mike/apps/s_apps.h openssl-1.0.1e/apps/s_apps.h
> > --- openssl-1.0.1e.mike/apps/s_apps.h 2013-04-10 14:17:59.000000000
> +0530
> > +++ openssl-1.0.1e/apps/s_apps.h 2013-04-10 14:59:57.000000000 +0530
> > @@ -159,7 +159,8 @@
> > int init_client(int *sock, char *server, int port, int type, int
> use_ipv4, int use_ipv6);
> > int should_retry(int i);
> > int extract_port(char *str, short *port_ptr);
> > -int extract_host_port(char *str,char **host_ptr,unsigned char *ip,short
> *p);
> > +int extract_host_port(char *str,char **host_ptr,unsigned char *ip,short
> *p,
> > + int use_ipv4, int use_ipv6);
> >
> > long MS_CALLBACK bio_dump_callback(BIO *bio, int cmd, const char *argp,
> > int argi, long argl, long ret);
> > diff -x '*.out' -x '*tags' -x '*.pem' -x '*.0' -ur
> openssl-1.0.1e.mike/apps/s_client.c openssl-1.0.1e/apps/s_client.c
> > --- openssl-1.0.1e.mike/apps/s_client.c 2013-04-10 14:17:59.000000000
> +0530
> > +++ openssl-1.0.1e/apps/s_client.c 2013-04-10 16:35:13.000000000 +0530
> > @@ -637,12 +637,10 @@
> >
> > meth=SSLv23_client_method();
> >
> > + /* By default use IPv4 */
> > use_ipv4 = 1;
> > -#if OPENSSL_USE_IPV6
> > - use_ipv6 = 1;
> > -#else
> > use_ipv6 = 0;
> > -#endif
> > +
> > apps_startup();
> > c_Pause=0;
> > c_quiet=0;
> > @@ -673,6 +671,17 @@
> >
> > argc--;
> > argv++;
> > +
> > + /* Determine what to be used? IPv4 or IPv6 */
> > +#if OPENSSL_USE_IPV6
> > + for (i = 0; i < argc; i++) {
> > + if (!strcmp(argv[i], "-6")) {
> > + use_ipv4 = 0;
> > + use_ipv6 = 1;
> > + }
> > + }
> > +#endif /* OPENSSL_USE_IPV6 */
> > +
> > while (argc >= 1)
> > {
> > if (strcmp(*argv,"-host") == 0)
> > @@ -689,7 +698,8 @@
> > else if (strcmp(*argv,"-connect") == 0)
> > {
> > if (--argc < 1) goto bad;
> > - if (!extract_host_port(*(++argv),&host,NULL,&port))
> > + if (!extract_host_port(*(++argv),&host,NULL,&port, use_ipv4,
> > + use_ipv6))
> > goto bad;
> > }
> > else if (strcmp(*argv,"-verify") == 0)
> > diff -x '*.out' -x '*tags' -x '*.pem' -x '*.0' -ur
> openssl-1.0.1e.mike/apps/s_server.c openssl-1.0.1e/apps/s_server.c
> > --- openssl-1.0.1e.mike/apps/s_server.c 2013-04-10 14:17:59.000000000
> +0530
> > +++ openssl-1.0.1e/apps/s_server.c 2013-04-10 15:06:32.000000000 +0530
> > @@ -980,12 +980,9 @@
> > #endif
> > meth=SSLv23_server_method();
> >
> > + /* By default use IPv4 */
> > use_ipv4 = 1;
> > -#if OPENSSL_USE_IPV6
> > - use_ipv6 = 1;
> > -#else
> > use_ipv6 = 0;
> > -#endif
> > local_argc=argc;
> > local_argv=argv;
> >
> > diff -x '*.out' -x '*tags' -x '*.pem' -x '*.0' -ur
> openssl-1.0.1e.mike/apps/s_socket.c openssl-1.0.1e/apps/s_socket.c
> > --- openssl-1.0.1e.mike/apps/s_socket.c 2013-04-10 14:17:59.000000000
> +0530
> > +++ openssl-1.0.1e/apps/s_socket.c 2013-04-10 16:38:11.000000000 +0530
> > @@ -572,12 +572,31 @@
> > }
> >
> > int extract_host_port(char *str, char **host_ptr, unsigned char *ip,
> > - short *port_ptr)
> > + short *port_ptr, int use_ipv4, int use_ipv6)
> > {
> > char *h,*p;
> > + int domain;
> >
> > h=str;
> > - p=strrchr(str,':');
> > + if (use_ipv4) {
> > + domain = AF_INET;
> > + p=strrchr(str,':');
> > + }
> > +#if OPENSSL_USE_IPV6
> > + else if (use_ipv6) {
> > + domain = AF_INET6;
> > + str++;
> > + h = strchr(str, ']');
> > + if (h) {
> > + p = strchr(h, ':');
> > + *h = '\0';
> > + }
> > + h = str;
> > + }
> > +#endif /* OPENSSL_USE_IPV6 */
> > + else
> > + goto err;
> > +
> > if (p == NULL)
> > {
> > BIO_printf(bio_err,"no port defined\n");
> > @@ -585,12 +604,13 @@
> > }
> > *(p++)='\0';
> >
> > - if ((ip != NULL) && !host_ip(str,ip,AF_INET))
> > + if ((ip != NULL) && !host_ip(str,ip,domain))
> > goto err;
> > if (host_ptr != NULL) *host_ptr=h;
> >
> > if (!extract_port(p,port_ptr))
> > goto err;
> > +
> > return(1);
> > err:
> > return(0);
> >
>
>
